Security

At StrataPay we are required to adhere to the highest of security standards. The most important of these standards is the Payment Card Industry Data Security Standard (PCI DSS), which is enforced by major credit providers.

 

The standard outlines a set of comprehensive requirements around how we manage sensitive credit card data. Due to our significant transaction volume we maintain the utmost level of security with Level 1 PCI DSS Compliance. Additionally, our recent ISO 27001 certification demonstrates our commitment to continually evolving our security practices to protect your data.

 

View the StrataPay Compliance Certificate.

View the StrataPay ISO 27001 Certificate.

What is PCI DSS Compliance?

Payment card industry (PCI) compliance is mandated by credit card companies to help ensure the security of credit card transactions in the payments industry. Payment card industry compliance refers to the technical and operational standards that businesses follow to secure and protect credit card data provided by cardholders and transmitted through card processing transactions. PCI standards for compliance are developed and managed by the PCI Security Standards Council.

Being PCI compliant means consistently adhering to a set of guidelines set forth by the PCI Standards Council. PCI compliance is governed by the PCI Standards Council, an organization formed in 2006 for the purpose of managing the security of credit cards. The requirements developed by the Council are known as the Payment Card Industry Data Security Standards (PCI DSS). The guidelines are also considered security best practices. The standard's six major requirements include the following:

  • Build and Maintain a Secure Network and Systems
  • Protect Cardholder Data
  • Maintain a Vulnerability Management Program
  • Implement Strong Access Control Measures
  • Regularly Monitor and Test Networks
  • Maintain an Information Security Policy

What is ISO 27001 Compliance?

 

ISO 27001 is the leading international standard for information security management. It provides a systematic framework for businesses to establish, implement, operate, monitor, review, maintain, and continually improve their Information Security Management System (ISMS).

How does StrataPay ensure our clients' security?

 

StrataPay maintains the world's highest payment security accreditation – PCI DSS Level 1. We are proud to be 'on the list' of the Visa Global Registry of Service Providers (the Registry), located at www.visa.com/onthelist, which acknowledges service providers that have shown their commitment to security by meeting the requirements of the PCI Standard. Our recent ISO 27001 certification further demonstrates our dedication to robust information security management practices, extending beyond payment card information.